load("@aspect_bazel_lib//lib:tar.bzl", "tar")
load("@rules_distroless//distroless:defs.bzl", "cacerts", "group", "home", "locale", "os_release", "passwd")
load("//:distro.bzl", "ALL_ARCHITECTURES", "ALL_DISTROS", "VERSIONS")
load("//private/util:deb.bzl", "deb")
load(":variables.bzl", "NOBODY", "NONROOT", "OS_RELEASE", "ROOT", "quote")

package(default_visibility = ["//visibility:public"])

COMMON_ARCHITECTURES = ALL_ARCHITECTURES

COMMON_DISTROS = ALL_DISTROS

tar(
    name = "rootfs",
    srcs = [],
    args = [
        "--format",
        "gnutar",
    ],
    compress = "gzip",
    mtree = ["./ type=dir uid=0 gid=0 time=0.0"],
)

tar(
    name = "tmp",
    srcs = [],
    # original tmp.tar was created on a gnutar, mimic that.
    args = [
        "--format",
        "gnutar",
    ],
    compress = "gzip",
    mtree = ["./tmp gname=root uname=root time=0.0 mode=1777 gid=0 uid=0 type=dir"],
)

[
    os_release(
        name = "os_release_%s" % dist,
        content = {
            key: quote(value.format(
                CODENAME = codename,
                VERSION = version,
            ))
            for (key, value) in OS_RELEASE.items()
        },
    )
    for (dist, codename, version) in VERSIONS
]

[
    locale(
        name = "locale_%s_%s" % (distro, arch),
        charset = "C.utf8",
        package = deb.data(arch, distro, "libc-bin"),
    )
    for arch in COMMON_ARCHITECTURES
    for distro in COMMON_DISTROS
]

[
    cacerts(
        name = "cacerts_%s_%s" % (distro, arch),
        package = deb.data(arch, distro, "ca-certificates"),
    )
    for arch in COMMON_ARCHITECTURES
    for distro in COMMON_DISTROS
]

# create /etc/group with the root, tty, and staff groups
group(
    name = "group",
    entries = [
        {
            "name": "root",  # root_group
            "gid": ROOT,
            "password": "x",
        },
        {
            "name": "nobody",  # nobody_group
            "gid": NOBODY,
            "password": "x",
        },
        {
            "name": "tty",  # tty_group
            "gid": 5,
            "password": "x",
        },
        {
            "name": "staff",  # staff_group
            "gid": 50,
            "password": "x",
        },
        {
            "name": "nonroot",  # nonroot_group
            "gid": NONROOT,
            "password": "x",
        },
    ],
)

passwd(
    name = "passwd",
    entries = [
        {
            "gecos": ["root"],
            "gid": ROOT,
            "shell": "/sbin/nologin",
            "home": "/root",
            "uid": ROOT,
            "password": "x",
            "username": "root",
        },
        {
            "gecos": ["nobody"],
            "gid": NOBODY,
            "home": "/nonexistent",
            "shell": "/sbin/nologin",
            "uid": NOBODY,
            "password": "x",
            "username": "nobody",
        },
        {
            "gecos": ["nonroot"],
            "gid": NONROOT,
            "home": "/home/nonroot",
            "shell": "/sbin/nologin",
            "uid": NONROOT,
            "password": "x",
            "username": "nonroot",
        },
    ],
)

home(
    name = "home",
    dirs = [
        {
            "home": "/root",
            "uid": ROOT,
            "gid": ROOT,
            "mode": 700,
        },
        {
            "home": "/home",
            "uid": ROOT,
            "gid": ROOT,
            "mode": 755,
        },
        {
            "home": "/home/nonroot",
            "uid": NONROOT,
            "gid": NONROOT,
            "mode": 700,
        },
    ],
)
